)]}' { "log": [ { "commit": "bc7614ee942aee814865a5967c642802040476ed", "tree": "12573dc1932f0477dffec7a21cf635f8b3ea140a", "parents": [ "356b896eb4c3db9608d637c775845a09fc20fd07" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Sep 09 13:07:09 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Sep 29 13:04:33 2021 +0000" }, "message": "m/n/c/curator: fix watch fail on context timeout\n\nFixes https://github.com/monogon-dev/monogon/issues/75.\n\nChange-Id: Iefb772fa55499271e85fec500f50e6c77e49d05a\nReviewed-on: https://review.monogon.dev/c/monogon/+/326\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "080f7ff710e359f2dab0d8ace98f0aa8e443d98d", "tree": "f515ece2d0503d897d2c09e18d9fcb5e2f57cee3", "parents": [ "44d6b832490adc28d787f392db1c9e40c9ff3438" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Sep 09 13:01:00 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Sep 21 08:41:43 2021 +0000" }, "message": "m/n/core/curator: add thin etcd storage abstraction\n\nThis implements etcdPrefix, a more formalized way to represent objects\nstored within etcd under some unique ID key.\n\nThis ensures any time objects are retrieved by key they are not\naccidentally traversing /-delimited \u0027path\u0027 elements, and implements the\nmildly complex range start/end computation operation for when all\nobjects from within a prefix must retrieved.\n\nChange-Id: Ib095f466faaf453b5f61a35642df6b0c1076ae05\nReviewed-on: https://review.monogon.dev/c/monogon/+/322\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "44d6b832490adc28d787f392db1c9e40c9ff3438", "tree": "f04b490de46c451931df9e078969eb550632e937", "parents": [ "e306d780504ae3ddfad3eb852c7adc5ec9757d89" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Sep 06 22:02:04 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Sep 08 12:21:08 2021 +0000" }, "message": "Use a temporary ntp.monogon.dev CNAME instead of pool.ntp.org\n\nWe\u0027re currently trying to get a vendor zone assigned\n(monogon-dev/monogon#72). Meanwhile, use a CNAME pointing\nto pool.ntp.org to avoid a freak accident where someone uses\na WIP version of Metropolis to deploy a million plastic routers.\n\nChange-Id: Ib39006c65a23d2df3a1230c28b0b7245b9e3e3c4\nReviewed-on: https://review.monogon.dev/c/monogon/+/320\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "e306d780504ae3ddfad3eb852c7adc5ec9757d89", "tree": "3e8e2c7a21430777db525c9ed4717a2cab1c114a", "parents": [ "d7d6e0284de38cbeeb185ca17c0853b4b2c10ee9" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Sep 01 13:01:06 2021 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Sep 06 09:05:40 2021 +0000" }, "message": "m/n/time: add time service\n\nThis adds a bare-minimum time service based on chrony/NTP for keeping\nthe system clock and RTC on Metropolis nodes accurate.\n\nIt also introduces a UID/GID registry in the Metropolis node code\nas this is the first unprivileged service to run on the node itself.\n\nIt does not yet use a secure time source, this is tracked as #73.\n\nChange-Id: I873971e6d3825709bc8c696e227bece4cfbda93a\nReviewed-on: https://review.monogon.dev/c/monogon/+/319\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "d7d6e0284de38cbeeb185ca17c0853b4b2c10ee9", "tree": "37e0b443caf904f0b78d423ba6580c1416f5bc11", "parents": [ "9ffa1f9577003ab70a6b483475874f3552d1ccc3" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Sep 01 15:03:06 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Fri Sep 03 11:15:40 2021 +0000" }, "message": "m/n/core/rpc: create library for common gRPC functions\n\nThis is the beginning of consolidating all gRPC-related code into a\nsingle package.\n\nWe also run the Curator service publicly and place it behind a new\nauthorization permission bit. This is in preparation for Curator\nfollowers needing access to this Service.\n\nSome of the service split and authorization options are likely to be\nchanged in the future (I\u0027m considering renaming Curator to something\nelse, or at least clearly stating that it\u0027s a node-to-node service).\n\nChange-Id: I0a4a57da15b35688aefe7bf669ba6342d46aa3f5\nReviewed-on: https://review.monogon.dev/c/monogon/+/316\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "9ffa1f9577003ab70a6b483475874f3552d1ccc3", "tree": "a688d02424e8601ed830d12021b5867688d31438", "parents": [ "6bd415920b84bd695038caeb386f1e97184f0c51" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Sep 01 15:42:23 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Thu Sep 02 10:38:15 2021 +0000" }, "message": "m/n/core/curator: authenticated RPC\n\nThis adds authentication middleware (server interceptors) for gRPC\nservices running on the public curator listener.\n\nMost of this code is testing harnesses to start up just the curator\nlistener with enough of a PKI infrastructure copy from a real Metropolis\ncluster to be able to start running tests against GetRegisterTicket.\n\nChange-Id: I429ff29e3c1233d74e8da619ddb543d56bc051b9\nReviewed-on: https://review.monogon.dev/c/monogon/+/311\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "6bd415920b84bd695038caeb386f1e97184f0c51", "tree": "60a125e0a299663c392218ed8b80cf33ea31aabd", "parents": [ "68dcee136984e2e16b7682e0c0758c1df831a84c" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Aug 23 13:18:37 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Sep 01 12:56:15 2021 +0000" }, "message": "m/node: add Management service, implement GetRegisterTicket RPC\n\nThis follows the Cluster Lifecycle design document.\n\nDO NOT MERGE: this needs a stacked CL on top which implements\nauthentication for the Management service.\n\nChange-Id: I19422a63b9dbf2fc0c7f4cbe204851af35b4dbdf\nReviewed-on: https://review.monogon.dev/c/monogon/+/307\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "c1bf6aa7ac83513659d56756009d572deffa7177", "tree": "fafe3258a74a97171a9d11d917a19c2e7387db73", "parents": [ "1f9a03b3f952320824b1ae49e56da3cb814cd5b0" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Aug 23 13:05:24 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 24 17:26:35 2021 +0000" }, "message": "m/n/core/curator: fix listener stuckness on restarts\n\nThis makes both gRPC listener runnables (local and public) manage their\nown listening sockets, allowing them to restart independently of\neachother, and making sure that any listening sockets are cleaned up.\n\nWe also fix the existing curator test (which does not exercise the\nlisteners, just leadership election) to place the curators and their\nlocal sockets in /tmp instead of the default bazel tempdir (as a path\nbased on that is longer than the maximum domain socket path). This makes\nthese tests slightly less noisy (as they kept crashing while not being\nable to listen to the local socket).\n\nThis should\u0027ve been caught by a curator listener test, if we had one\n(other than the e2e test). I\u0027m growing keen on spending some time\nwriting enough of a harness to actually do that. Maybe once we have a\nfollower implementation ready…\n\nChange-Id: I0267292781b6ee8aff1d0557d420bbaa3c3d79f6\nReviewed-on: https://review.monogon.dev/c/monogon/+/304\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "b9044c888097757c36933062f27b5f5ee103ee5f", "tree": "b07722231a9cf0fd3c0b81486bd637e11cbd7b6b", "parents": [ "3bb23219009a98643a562b1e59e3a4080f422c51" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Aug 24 11:59:47 2021 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Aug 24 16:12:52 2021 +0000" }, "message": "m/p/devicemapper: make parameter encoding part of package\n\nThe DM kernel interface gets a single parameter string for each DM\ntarget in a table but internally the kernel immediately decodes it into\nan argv-style list of string arguments. Because everything needs to do\nit and it can be quite hard to get right, let\u0027s make it part of the\ndevicemapper package. Properly encoding this also means you get\nactionable errors when you pass invalid data instead of weird kernel\nerrors or misbehavior.\n\nChange-Id: I8060871a7459183c0395e5e4e8aac517544b2e87\nReviewed-on: https://review.monogon.dev/c/monogon/+/309\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "41d275a63864e67deacad5b2ec0b435b01984034", "tree": "b5acf06483c0c33f0e988c82cbb25db4ceea777f", "parents": [ "5b2ae5500a90dc48b9713095e5f1580b9c9646d9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 17 13:09:43 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 24 13:18:12 2021 +0000" }, "message": "m/n/c/curator: implement AAA.Escrow for initial owner pubkey\n\nThis finally implements AAA.Escrow in Metropolis.\n\nWe\u0027re not yet implementing multi-user support, so this currently only\nimplements retrieving an Owner certificate using the owner public key\nspecified in NodeParameters.cluster_bootstrap.\n\nChange-Id: I64a7ba025a8069d82b3c804ca3e2a706de2b0fbf\nReviewed-on: https://review.monogon.dev/c/monogon/+/289\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5b2ae5500a90dc48b9713095e5f1580b9c9646d9", "tree": "1f6efbed2aa20716c18772bb30dbafacd6f07db3", "parents": [ "03758714f4b7be2a712831beecfdfcbf151b4c66" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 17 13:00:14 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Aug 23 12:26:16 2021 +0000" }, "message": "m/n/c/curator: listen on public gRPC\n\nThis enables listening on CuratorPort (which was called\nNodeServicePort) using TLS node certificates. No service is yet running\non the new gRPC listener.\n\nChange-Id: I436ac1ae9cbdb257419ad114262fc2a7516396b1\nReviewed-on: https://review.monogon.dev/c/monogon/+/288\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "03758714f4b7be2a712831beecfdfcbf151b4c66", "tree": "1a7e2f3096a130897f53c28d4f9b72ea871264d0", "parents": [ "8ff4b7c6f20c9dda91c0eefc524e9bb6c3bff52d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 17 12:52:11 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Fri Aug 20 09:03:18 2021 +0000" }, "message": "m/n/core: save owner public key in etcd\n\nThis is an early implementation of storing user credentials. It\ncurrently does not support more then the owner credentials.\n\nThese are not yet used anywhere, but will be in a follow-up CL.\n\nChange-Id: Ib876f7aaff44531dcae5a27875a960aaa9ec029f\nReviewed-on: https://review.monogon.dev/c/monogon/+/287\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "158e9a415a72bfacfdf9f46eb06b30486680299f", "tree": "ef5884479bc8da914cb69f7c111d06e32cbe2a1e", "parents": [ "a41caacc71418f7307d851fad95991cf80bdcb41" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 17 17:04:54 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Thu Aug 19 11:52:17 2021 +0000" }, "message": "m/n/core: reformat\n\nWe should get this into CI, as my IntelliJ keeps finding Go files that\naren\u0027t properly reformatted.\n\nChange-Id: I7ea736994bea13ccebc787548fadf3da984e334e\nReviewed-on: https://review.monogon.dev/c/monogon/+/291\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "a41caacc71418f7307d851fad95991cf80bdcb41", "tree": "cbcf9af76f29ccb94b7c2b94d75f1e8eb39cfb3d", "parents": [ "5253884d51cb64c1d1afcb2d7b969f7c2b50b302" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Aug 12 17:00:55 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Thu Aug 19 10:20:55 2021 +0000" }, "message": "m/pkg/pki: forbid External/Managed certificates without name\n\nThis ensures any stored certificates must have a name set - otherwise\nthey end up being created with an empty string as a name, and end up\ncolliding with eachother.\n\nChange-Id: I9e415b6ff89dbda179526920d58e33e638a28cec\nReviewed-on: https://review.monogon.dev/c/monogon/+/286\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "5253884d51cb64c1d1afcb2d7b969f7c2b50b302", "tree": "10a6bf03472e9c14da2515ea7755d74bb3f660e6", "parents": [ "99f477412a2e701f89f7698be1dd432adcfff17c" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Aug 11 16:22:41 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Thu Aug 19 10:20:55 2021 +0000" }, "message": "m/pkg/pki: refactor, allow for external certificates\n\nThe pki library supported managing certificates in two modes:\n\n - default, when name !\u003d \"\"\n - volatile/ephemeral, when name \u003d\u003d \"\"\n\nThe difference between the two being that default certificates were\nfully stored in etcd (key and x509 certificate), while volatile\ncertificates weren\u0027t stored at all. However, both kinds needed private\nkeys passed to the pki library.\n\nWe want to be able to emit certificates without having private keys for\nthat certificate, so we end up a third mode of operation: \u0027external\ncertificates\u0027. These are still stored in etcd, but without any\ncorresponding private key.\n\nIn the future we might actually get rid of ephemeral certificates by\nexpanding the logic of external certificates to provide a full audit log\nand revocation system, instead of matching by Certificate Name. But this\nwill do for now.\n\nWe also use this opportunity to write some simple tests for this\npackage.\n\nChange-Id: I193f4b147273b0a3981c38d749b43362d3c1b69a\nReviewed-on: https://review.monogon.dev/c/monogon/+/263\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "99f477412a2e701f89f7698be1dd432adcfff17c", "tree": "43c088e34cfa9171a5587573f4d824f9d09e0a69", "parents": [ "9d6c4c78bca9da0db7e40e5de776528f3d83a7dd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Aug 04 20:21:42 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Thu Aug 19 10:20:55 2021 +0000" }, "message": "curator: provisions for implementing multiple gRPC services\n\nWe want to run some other gRPC services on the Curator leader/follower\nimplementations other than just the Curator gRPC service.\n\nThis decouples the local types from implementing a particular gRPC\nservice (instead proxying through an interface) and splits out the\nimplementation of the Curator gRPC service from the main leader objects.\n\nThis should allow us to add an implementation of eg. a Management gRPC\nservice in a testable manner (the only thing we have to dependency\ninject is the leadership struct, and that\u0027s trivial to do with a simple\netcd test server).\n\nChange-Id: Ia0ea65e40a775bf49661d0b99c0185aa83547ed0\nReviewed-on: https://review.monogon.dev/c/monogon/+/260\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "9d6c4c78bca9da0db7e40e5de776528f3d83a7dd", "tree": "71cba058637a866b7c87e3f296dd4995d0171cfe", "parents": [ "257acab41f5a35575ca0f2dbc9568b1bd75d2570" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 20 21:16:27 2021 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 11 15:38:58 2021 +0000" }, "message": "Support injecting container images for development\n\nThis adds the LoadImage RPC and an accompanying subcommand\nto the debug API which allows loading images into\nan existing Metropolis node for\ndevelopment or testing.\n\nChange-Id: I51d802630ae4c95fb874e01bfb6510ab69c322e1\nReviewed-on: https://review.monogon.dev/c/monogon/+/219\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "257acab41f5a35575ca0f2dbc9568b1bd75d2570", "tree": "fdc41d8de424f74525b7a92024c12f00ed8928fa", "parents": [ "1445396219351e711f82d4cebad6e84a46553bda" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Aug 10 12:36:17 2021 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 11 11:28:06 2021 +0000" }, "message": "m/p/devicemapper: Support creating read-only devices\n\nI originally thought this is not going to be needed as R/W control can be done through devicemapper itself, but verity requires a read-only table.\n\nWhile we\u0027re here let\u0027s also add some doc comments to the Target struct.\n\nExisting functionality is covered by existing tests, read-only functionality will be exercised by verity tests once they land.\n\nChange-Id: Ib76bcffb14b5fe40d8d77bd9731b591d0d8cf22f\nReviewed-on: https://review.monogon.dev/c/monogon/+/262\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "439b95eb515c86ba8ce9917da258c0875f36f038", "tree": "b7590aaac27700868ca1638af4d2e84bfb1a975f", "parents": [ "f9edf520bd3fa049b8f1d5f09f0ee727864ca8c7" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Jun 30 23:16:13 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue Jul 20 14:43:28 2021 +0000" }, "message": "m/n/c/{cluster,curator}: move NodeCredentials to cluster\n\nThis keeps the NodeCredentials/NodeCertificate logic types near their\nconsumer, the cluster bootstrap code. It also rewrites these structures\nto be centered around the x509 data itself.\n\nThis is a followup to https://review.monogon.dev/c/monogon/+/186 .\nAttempting to introduce it into that change was too complex due to the\nsurrounding cluster/curator refactoring.\n\nWe also take this opportunity to write some simple tests for the\ncredential validation logic.\n\nChange-Id: Iead3cfdd5778274508d79799f4750f5fdf9385bc\nReviewed-on: https://review.monogon.dev/c/monogon/+/197\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "f9edf520bd3fa049b8f1d5f09f0ee727864ca8c7", "tree": "1fd016dcbeccbc7b8bbfc32960c43bd0dbaffe5f", "parents": [ "a959cbd12c29b62045f02b1d22cdf1e36c0261a4" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jun 17 15:57:13 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue Jul 20 14:42:45 2021 +0000" }, "message": "metropolis/node/core: use curator\n\nThis finally switches over the node startup code to use the full Cluster\nManager / Curator / Role Server chain to bring up the node.\n\nChange-Id: Iaf6173671aed107a67b4201d9d1ad8bb33baa90f\nReviewed-on: https://review.monogon.dev/c/monogon/+/189\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "a959cbd12c29b62045f02b1d22cdf1e36c0261a4", "tree": "7f44cdf24c3c02f7d9ba866a2d37275673a0dd11", "parents": [ "0d93777cf32dd0d0f6f8d75d8396f7140cff9d13" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jun 17 15:56:51 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue Jul 20 12:02:29 2021 +0000" }, "message": "metropolis/node/core/cluster: use curator\n\nThis refactors the cluster manager. It removes all etcd storage\nfunctionality (which now lives in the curator) and otherwise dusts\nthings off slightly (some file renames, some comments to reflect the now\nclarified and limited scope of the cluster manager).\n\nChange-Id: Ic62d8402c0618fb5e0e65966b0d732a2cab564e0\nReviewed-on: https://review.monogon.dev/c/monogon/+/188\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "0d93777cf32dd0d0f6f8d75d8396f7140cff9d13", "tree": "f6abee66c82ba141ad449575a6d35d06408c6ed4", "parents": [ "963c4090f74341d8efc61b49ba5934a18434371c" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jun 17 15:54:40 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue Jul 20 12:02:29 2021 +0000" }, "message": "m/n/core/roleserver: implement\n\nThis implements the Role Server, which is the new service responsible\nfor actually running Metropolis workloads like the Kubernetes services.\n\nThis decouples starting Kubernetes from node startup code, and handles\ncases like nodes changing roles at runtime.\n\nChange-Id: Ie5f7f2c30b05fe74ca003805532dba50bf3821d0\nReviewed-on: https://review.monogon.dev/c/monogon/+/187\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "963c4090f74341d8efc61b49ba5934a18434371c", "tree": "65e0e58e997e155290118e53aebfc228aa3e20be", "parents": [ "2098b98c7deaf9115742cf73071f888e0513cf2f" ], "author": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Mon Jul 05 18:50:08 2021 +0200" }, "committer": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Mon Jul 19 10:52:16 2021 +0000" }, "message": "m/n/c/consensus_test: move timeout handling to Bazel\n\nThe test regularly exceeds timeout on slower machines, and besides,\nthat\u0027s the proper way to do it.\n\nChange-Id: Ic4a8ac717bd7f6e70d4d4ac0b156f42ff5addef8\nReviewed-on: https://review.monogon.dev/c/monogon/+/215\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\nReviewed-by: Sergiusz Bazanski \u003cserge@nexantic.com\u003e\n" }, { "commit": "79fc1e9fd6ee8777f097ab251b828d82e33b7bad", "tree": "a1c50daa06f2ea66fb5fcf14e85331385facdb68", "parents": [ "50009e024b50eda2c69b884600d0850c73d62b6d" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Jul 06 16:25:22 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Wed Jul 07 13:49:55 2021 +0000" }, "message": "metropolis/*: move tests to supervisor harness\n\nThis somewhat simplifies test code (barely), but more importantly pipes\nlogs from runnables into test stdout, thereby making debugging much\neasier.\n\nChange-Id: I3e597bbac8497bea3477afd54f61b592a0d08355\nReviewed-on: https://review.monogon.dev/c/monogon/+/206\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "50009e024b50eda2c69b884600d0850c73d62b6d", "tree": "28ee724fd39c537e09a755fbd593dc15d31e288e", "parents": [ "ebe025936fc86f53e7316f894f54dd6ef9b0a9d7" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Jul 07 14:35:27 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Wed Jul 07 13:48:54 2021 +0000" }, "message": "m/n/core/consensus: parse etcd server logs\n\nThis finally gives us easy to read etcd logs instead of raw JSON dumps\ninto stdout. Instead of simply parsing them as raw logs, we convert them\ninto leveled logs.\n\nChange-Id: I7cfe18b9c4e24d7742a01a77f5d9c6ddee647493\nReviewed-on: https://review.monogon.dev/c/monogon/+/209\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "f0b4da54afc17f4b2b1c31ddb9433ee888aea699", "tree": "a4ef4b8154c4024714209710696310bfd7bc2764", "parents": [ "35e43d133a16750adfa1683473f5c2648a010b1a" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Jun 21 20:05:59 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Wed Jul 07 13:31:45 2021 +0000" }, "message": "m/n/core/curator: implement leader and Node/PKI state\n\nThis implements actual Curator logic for nodes and PKI. These will\nreplace the cluster manager\u0027s equivalent logic.\n\nThere are two entry points to this logic:\n\n - the gRPC service\u0027s Watch method for accessing node status\n - bootstrap logic to create a node when the cluster manager bootstraps\n the cluster.\n\nTest plan: a followup CR will introduce tests for the Curator - more\ngranular than the full E2E suite. DO NOT MERGE UNTIL THEN, as this is\ncritical code.\n\nChange-Id: I8c40a821b846012b90cf9a5df27901d1b49f388c\nReviewed-on: https://review.monogon.dev/c/monogon/+/186\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "3c885deeda9ab560ee29e94159782ce4323af80e", "tree": "5d6a18c0b822accc5c279240c0d7e52ca071a361", "parents": [ "aad79488d417eefafd4102bda9bd10d6473cf6c7" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jun 17 17:21:00 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Mon Jul 05 18:19:36 2021 +0000" }, "message": "m/n/core/curator: implement gRPC listener\n\nThis implements the Curator listener and listener dispatcher, two\nrunnables responsible for maintaining an active Curator RPC\nimplementation (either leader or follower) and switching over\nappropriately as the election status changes.\n\nThis might be overengineered. The implementation switchover logic and\ncontext joining could possibly be ripped out and replaced by plain gRPC\nsocket close and re-open on switchover.\n\nTesting plan: implements unit tests for switching/dispatching.\n\nChange-Id: Ib62195b336d0754d99865d7a2a32ba2ffa3543ce\nReviewed-on: https://review.monogon.dev/c/monogon/+/185\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "76003f807b24a22476b14bc308939fc62e1ad6a2", "tree": "24fc636b5c47569aa8e64119bd4b1f81a794c9ab", "parents": [ "e30d7d08548fe233cacff5870971f08318ff9646" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jun 17 16:39:01 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Wed Jun 30 12:29:59 2021 +0000" }, "message": "m/n/core/curator: implement leader election\n\nThis implements the leader election functionality subset of the curator.\nIt does not yet implement any business logic, just the switchover\nbetween acting as a leader and a follower.\n\nTest plan: implements an integration test for the leader election with\nan in-memory etcd cluster.\n\nChange-Id: Id77ecc35a9f2b18e716fffd3caf2de193982d676\nReviewed-on: https://review.monogon.dev/c/monogon/+/184\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "e30d7d08548fe233cacff5870971f08318ff9646", "tree": "be4b12585cf856db8fc74746f5bfed69748195cd", "parents": [ "db77e82767ff620de89d75a7f3e9a6c37b1d0973" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Jun 23 18:50:19 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Thu Jun 24 09:08:20 2021 +0000" }, "message": "m/n/core/consensus/client: add context to ThinClient\n\nThis context ends up in the returned clientv3.Client structure and is\naccessible under .Ctx(). This is used by some library code, and all\netcd clients by default have a context, so that library code will fail\nif none is set.\n\nChange-Id: If2b9fb0720725d623c05ea4947fdf99fe6d5d1d0\nReviewed-on: https://review.monogon.dev/c/monogon/+/195\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "7f17d9b41f248f4b009f5d702622616f62d0a2fa", "tree": "fdb69964144f9b654a746d15e86d34f0bf1b108b", "parents": [ "63fabd954a5303f6bba41557da55b1940198058f" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jun 17 16:11:40 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue Jun 22 12:05:16 2021 +0000" }, "message": "m/n/core/localstorage: add curator ephemeral directory\n\nThis is where the curator will listen for local gRPC connections from\nthe rest of the node code.\n\nChange-Id: Id0ea2e4e05d04bbea4b3b88dd51122d394317578\nReviewed-on: https://review.monogon.dev/c/monogon/+/183\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "63fabd954a5303f6bba41557da55b1940198058f", "tree": "547628727ea80a09eced09a402945d81263f6778", "parents": [ "30653eeb3adcbebfecb4216569dc247b51cfb464" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jun 17 15:47:22 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Mon Jun 21 09:12:58 2021 +0000" }, "message": "m/n/c/curator/proto: add API proto\n\nThis is the initial API of the curator service we\u0027re about to implement.\nThe TODO comments already reflect the state of the implementation as is\nnow, and as will be stacked on top of this change.\n\nTesting Plan: proto change only, no logic yet.\n\nChange-Id: I2c11b0d5f2112b7872ea348815d81ded4be874bd\nReviewed-on: https://review.monogon.dev/c/monogon/+/162\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "b9013af7fa0247191099ec1f471a2d751537f545", "tree": "dec4a8c6e2ccefe41c2269f7938004a10d3792e1", "parents": [ "4166a71f51d9546c1dfd9f99b5fdffcb9301b57b" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Apr 29 16:47:56 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue Jun 08 10:23:53 2021 +0000" }, "message": "m/n/core/consensus/client: implement ThinClient()\n\nSummary:\nThis implements a ThinClient function on Namespaced which returns an\nclientv3.Client. These can be useful when dealing with existing code\nwhich expects this type, but only uses non-management APIs. For example,\nthe clientv3 concurrency library.\n\nTest Plan: To be used by future code, and basic enough that it IMO does not warrant unit tests?\n\nChange-Id: Ic6e38ff654bafd8bb385cf108637f8ed058015dc\nReviewed-on: https://review.monogon.dev/c/monogon/+/121\nReviewed-by: Lorenz Brun \u003clorenz@nexantic.com\u003e\n" }, { "commit": "216fe7b3ae949376467f626f339423a31ea7da97", "tree": "b0fe587b671a76bf6229339825d2a61df7fc847b", "parents": [ "6ebdc418f3c4799c12368e34ea78dc9c9757fb54" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 21 18:36:16 2021 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 28 17:54:03 2021 +0200" }, "message": "*: reflow comments to 80 characters\n\nThis reformats the entire Metropolis codebase to have comments no longer\nthan 80 characters, implementing CR/66.\n\nThis has been done half manually, as we don\u0027t have a good integration\nbetween commentwrap/Bazel, but that can be implemented if we decide to\ngo for this tool/limit.\n\nChange-Id: If1fff0b093ef806f5dc00551c11506e8290379d0\n" }, { "commit": "68ca5eebd0ccd00a2d60eb42289c64357fb2e83f", "tree": "5706f5b4fa8dc44775dbabe24cd577f1d37a0422", "parents": [ "93bba15a0059da200a5d09a2bd7ec5ed5a667c60" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Apr 27 16:09:16 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue May 11 12:09:33 2021 +0200" }, "message": "m/pkg/event: move MemoryValue to subpackage\n\nThis keeps metropolis/pkg/event as a pure interface package, and\nmoves the memory-backed implementation to a subpackage.\n\nTest Plan: Refactor, coevered by tests.\n\nX-Origin-Diff: phab/D764\nGitOrigin-RevId: 1337bf55a7752293791b3efe8648bbf5f6e6e9e1\n" }, { "commit": "2666513457e8d7a282560a7090f35439ab9695ce", "tree": "328d8f62ddb665b6cd057272f7cae2713aa247ad", "parents": [ "a105db57640d6abf6de368ec0c33a3a5b4f93893" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Apr 13 16:55:59 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 13 19:51:33 2021 +0200" }, "message": "Fix TCP BBR setting\n\nI previously set the TCP queuing discipline to BBR without actually compiling in BBR.\nSee T943. This actually builds in BBR and sets it as default in the kernel config, thus removing\nthe need to manually set it in userspace.\n\nTest Plan: CI\n\nBug: T943\n\nX-Origin-Diff: phab/D760\nGitOrigin-RevId: 779a709e4298ec59bfdcf462fe2f3563952204b6\n" }, { "commit": "a105db57640d6abf6de368ec0c33a3a5b4f93893", "tree": "dc96244d0b2922768d7f29431bab2a9ac581a1a6", "parents": [ "c75c9d4f30174c089cce47c608683bf09396fa30" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Apr 12 19:57:46 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 13 19:51:13 2021 +0200" }, "message": "m/n/core/cluster: migrate to events and etcd namespaced client\n\nThis moves the status of the cluster manager to use a local event\nvariable. Watchers (like the node startup code) can now use this to get\nupdates on the state of the node and its cluster membership in a way\nthat\u0027s more abstracted from a sequential startup. This will permit us to\nmove a lof othe startup code into code common across different node\nlifecycle paths.\n\nTest Plan: Refactor, exercised by e2e.\n\nX-Origin-Diff: phab/D757\nGitOrigin-RevId: 31a3600ad2aab90a1e7f84d741e7ea40a0422724\n" }, { "commit": "c75c9d4f30174c089cce47c608683bf09396fa30", "tree": "a3d34c7ac52f16650de55ba28d3621add81e5f99", "parents": [ "886d2892d1717bc130cfa008742c06c29f7ff186" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Apr 13 16:40:14 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 13 19:51:11 2021 +0200" }, "message": "m/n/c/consensus: add client\n\nThis implementes a thin wrapper around etcd\u0027s clientv3.Client, with the\nfollowing advantages:\n\n - Only implements KV, Watcher and Lease interfaces, ie. unprivileged\n namespaceable interfaces - not cluster management interfaces. These\n will be available to both remote and local etcd connections.\n - Adds recursive namespacing functionality, which permits different\n parts of the subsystem to receive their own somewhat-sandboxed etcd\n subtree. This not only makes the etcd keyspace layout more strict,\n but also simplifies passing around etcd clients, as major components\n (like the kubernetes subsystem) can hand out its own sub-clients,\n instead of them having to be globally declared ahead of time.\n\nTest Plan: Exercised by tests.\n\nX-Origin-Diff: phab/D756\nGitOrigin-RevId: 03fead9a89c301a2e70df8a007b7ecb60b2364c7\n" }, { "commit": "0565ea3191d445bdaab647213d59ed3d7218630a", "tree": "fd5f395dd2f54a1582538e7b5ac2b724db987625", "parents": [ "09c275bc489bc1de406be9a2e8f158eaa87b7c61" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Apr 13 11:52:00 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 13 19:51:06 2021 +0200" }, "message": "m/n/core/cluster: factor out bootstrap into separate file\n\nTest Plan: Refactor.\n\nX-Origin-Diff: phab/D753\nGitOrigin-RevId: 2e39db6673b2a0a6c1d7593f230fa691643e4c06\n" }, { "commit": "09c275bc489bc1de406be9a2e8f158eaa87b7c61", "tree": "31c62a93e37f6052aa99e2addacef6c060d75e85", "parents": [ "37050126ef89ec30cc677c272471debe55ec0d69" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Mar 30 12:47:09 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 13 11:04:05 2021 +0200" }, "message": "Add ftrace support to DebugService\n\nThis allows us to do ad-hoc kernel-level tracing on a running Metropolis node.\nUseful for tracking down complex bugs.\n\nExample: `bazel run //metropolis/cli/dbg -- trace -function_graph_filter blkdev_* function_graph`\n\nTest Plan: Debug utility, manually tested\n\nX-Origin-Diff: phab/D748\nGitOrigin-RevId: 924eb795250412a73eb30c0eef4a8c1cc726e5fd\n" }, { "commit": "37050126ef89ec30cc677c272471debe55ec0d69", "tree": "c64a64a622ec1c3e1e72fc12a6d4252c0e803cc1", "parents": [ "2999427c182463840a339cf0e82885d8a3b6e79f" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Mar 30 14:00:27 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 13 11:04:01 2021 +0200" }, "message": "Implement Block PVCs in our storage backend\n\nThis implements full support for Block PVCs in our Kubernetes storage backend.\nThe block PVCs are backed by files made available to the pods using loop devices and\nhave read-only and online expansion support.\n\nThis also requires a Kubernetes patch because they call losetup if block PVCs are used\nwith CSI to establish a form of lock on the backing block device. This lock is not\nexclusive and does absolutely nothing for our use case and could get very expensive\non dense machines so I removed it.\n\nTest Plan: Comes with E2E tests\n\nX-Origin-Diff: phab/D746\nGitOrigin-RevId: 430d3f445286c0d3498b2153df333a19f3fcab89\n" }, { "commit": "42e61c6a3601d7f63176af3f53a3ac9c53120099", "tree": "2fd6e86b1a0dee6b4928f04ac359b4b262806d73", "parents": [ "34fe8c666811c63f33ba970ba0e39d25804ab4a3" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Mar 18 15:07:18 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Mar 18 15:07:18 2021 +0100" }, "message": "m/n/core/cluster: rewrite bootstrap to conform to cluster lifecycle DD\n\nThis removes the existing cluster/manager code and reimplements it from\nscratch, finally implementing the cluster lifecycle design document for\ncluster bootstrap.\n\nTest Plan:\nE2e should cover this. Maybe we could unit test the manager? But that would\nrequire a ton of DI work. Not sure if it\u0027s worth it.\n\nX-Origin-Diff: phab/D735\nGitOrigin-RevId: b00c97b0a102a21605d16086df82a6ece6eb7f4d\n" }, { "commit": "34fe8c666811c63f33ba970ba0e39d25804ab4a3", "tree": "fce90696e07eb76efea1436047393ad66ac04404", "parents": [ "3ea1a3a30d41980a8a5b5f321b3e7bc8af96dc29" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 16 13:20:09 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 16 13:20:09 2021 +0100" }, "message": "m/node/core/consensus: always use member name as address\n\nInstead of explicitly giving the consensus service an address to listen\non, we now just give it a hostname. Etcd will resolve the name itself on\nstartup. It\u0027s not yet known if it will re-resolve it and handle changes.\nIf that\u0027s not the case, we will have to implement a restarting\nbabysitter process instead.\n\nTest Plan: E2e tests should cover this.\n\nX-Origin-Diff: phab/D734\nGitOrigin-RevId: c2255b2956137e2bbd705ac1965418c0540d0046\n" }, { "commit": "3ea1a3a30d41980a8a5b5f321b3e7bc8af96dc29", "tree": "0d4ab65ff6af76e3115ac8a82452216301aebce4", "parents": [ "72068da814af80568cb106b877ef8f5e526e684c" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 16 13:17:33 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 16 13:17:33 2021 +0100" }, "message": "m/node/core/conensus: handle etcd restarts\n\nThis makes the etcd service more reliable in case of transient failures\nwhen starting in a new cluster. Previously, any restart of etcd on the\nfirst (bootstrapping) node would cause etcd to get stuck and never start\nagain (as certificates were already created). This changes the logic to\nallow existing certificates.\n\nThis also handles the case of etcd attempting to start as the network is\nreconfigured, and eg. the external hostname is not yet resolvable.\n\nTest Plan:\nNo tests yet. This should be tested by a more comprehensive e2e test where we\nrandomly kill some runnables (see: T872).\n\nX-Origin-Diff: phab/D733\nGitOrigin-RevId: 8ac426f9423ec2353537eec651071e99a5e5ec53\n" }, { "commit": "d8af5bf4c14a5c53d1736695a1210b6eea4d246e", "tree": "83e4c35e105d8fb0e5bf71ac8c93bbd3e7f964b4", "parents": [ "4e090357c4f1f3bae53a5f2feaf20ea5e1bbbe61" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 16 13:38:29 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 16 13:38:29 2021 +0100" }, "message": "metropolis/node: use Event Value for network status\n\nThis moves over the GetIP API to use our fancy new event/value library.\nThe consumers of this data are currently the cluster manager and the\nkubernetes root service. Both are migrated over.\n\nTest Plan: Refactor, covered by E2E tests.\n\nX-Origin-Diff: phab/D711\nGitOrigin-RevId: 8a1e0dd35236d55492722f4439323cb2ee9574fc\n" }, { "commit": "4e090357c4f1f3bae53a5f2feaf20ea5e1bbbe61", "tree": "335ec273335722befdeca623b8f3f787a2cd6571", "parents": [ "0ed2f96a3a86aff2c9ce36289aa5d58a75f4d59b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Mar 17 17:44:41 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Mar 17 17:44:41 2021 +0100" }, "message": "Add KVM device plugin\n\nThis adds a KVM device plugin for Kubernetes. This plugin allows for unprivileged access and granular\ncontrol of KVM access.\n\nTest Plan: Tested in subsequent revision\n\nX-Origin-Diff: phab/D739\nGitOrigin-RevId: 5cd738a47d24e7bfdc29bbd1a31537209e1ebf46\n" }, { "commit": "0ed2f96a3a86aff2c9ce36289aa5d58a75f4d59b", "tree": "afbe1fb6cd0a1667e981edfe97969338437bdaca", "parents": [ "056042962060369bd7607ecfea51c515fc3a8140" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Mar 15 16:39:30 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Mar 15 16:39:30 2021 +0100" }, "message": "metropolis/proto: EnrolmentConfig -\u003e NodeParameters\n\nThis starts off the move to a node configuration API conforming to\nthe lifecycle management design document.\n\nInstead of an Enrolment Config used only to join an existing cluster, we\nmove to a NodeParameters proto that must always be given to a node if\nit\u0027s supposed to either bootstrap a new cluster or join an existing one.\n\nThis links the existing cluster management code (and its state machine)\nto work with this file. However, that state machine will be removed very\nsoon, anyway.\n\nWe also remove everything related to golden tickets.\n\nThis breaks multi-node tests.\n\nX-Origin-Diff: phab/D710\nGitOrigin-RevId: f22615fbccab975f2d5e6928bdc7387ab3aa5714\n" }, { "commit": "9411f7c2ed0afbbf617075ab37901addc76fadfb", "tree": "f1f62aa538ba3c2265815d2dbe942377264850a5", "parents": [ "0de189355c6afad6f677029d90fa40dee824141b" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Mar 10 13:12:53 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Mar 10 13:12:53 2021 +0100" }, "message": "m/node/kubernetes/pki: refactor out CA functionality\n\nThis factors out all non-k8s-specific CA functionality from\nmetropolis/node/kubernetes/pki into metropolis/pkg/pki.\n\nThis will allow us to re-use the same PKI-in-CA system to issue\ncertificates for the Metropolis cluster and nodes.\n\nWe also drive-by change some Kubernetes/PKI interactions to make things\ncleaner. Notably, this implements Certificate.Mount to return a\nfileargs.FileArgs containing all the files neede to use this\nCertificate.\n\nTest Plan: covered by current e2e tests. An etcd harness to test this independently would be nice, though.\n\nX-Origin-Diff: phab/D709\nGitOrigin-RevId: bdc9ff215b94c9192f65c6da8935fe2818fd14ad\n" }, { "commit": "ddd6caff9edac56dad727a79eb5b0faf4dbd6cb9", "tree": "120710eb4a9acf0c3ad1086d9f6f6f3c850a0d70", "parents": [ "bcae658f9530e95cde2ac931beacae71c9fb240e" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Mar 04 17:16:04 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Mar 04 17:16:04 2021 +0100" }, "message": "Build mkfs.xfs using rules_cc\n\nThis drops the old big genrule for mkfs.xfs and replaces it with a nice rules_cc build system\nwith the help of bazel_cc_fix generated patches and our musl-based toolchain.\nWhile we\u0027re at it I bumped the versions of all related dependencies to their latest stable release.\nThis also means pulling in ini.h which is a dependency of the new xfstools version.\n\nInstructions to regenerate the patches are included in the spec files.\n\nToolchain selection is done by the existing transition in our rootfs rule so we automatically get a musl-built\nstatic binary when building for the rootfs.\n\nTest Plan: Tested with E2E tests, should fail fairly catastrophically if something were wrong.\n\nX-Origin-Diff: phab/D708\nGitOrigin-RevId: 648a05cdd08cfa84a8a9f4c057c52446e7005631\n" }, { "commit": "6c4199afe4dc4d446679b862f528e840e60925df", "tree": "fcea4d9f54f2e04cf1d203e104c4a14bfa103702", "parents": [ "5999e92b2da34cbbd50391327ec01081a91866ee" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Feb 10 17:34:29 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Feb 10 17:34:29 2021 +0100" }, "message": "Set reasonable defaults for our kernel\u0027s network configuration\n\nThis sets a number of sysctl options to tune the kernel for a datacenter-like environment by increasing\nbuffers and choosing a better congestion control algorithm. It also enforces reverse path filtering to\nprevent spoofing from CAP_NET_ADMIN-enabled containers and blocks source routing as we have no need for that\nand it might some day interfere with policy efforts.\n\nTo set all these options a small helper structure has been added which makes setting these more compact\nand nicer to read.\n\nTest Plan: Covered by E2E for breakage, scalability improvements not yet testable\n\nBug: T495\n\nX-Origin-Diff: phab/D704\nGitOrigin-RevId: 427b2513d604090e51b37587d772f240112be09d\n" }, { "commit": "3a99c590543394ceb5260282ef8e924b44e8eef8", "tree": "e1b727a0c12b387e1bc12d71826405b8b588fa40", "parents": [ "6b13bf1a98c4a612d13ae939e68802e77fb45474" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 19:57:21 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 19:57:21 2021 +0100" }, "message": "Switch Metropolis to EROFS-based root filesystem\n\nThis gets rid of the old large initramfs and switches to an EROFS-based root\nfilesystem. It also drops the copy \u0026 remount compatibility code. As this filesystem is\nproperly read-only and not just ephemeral, this also brings various changes to the code\nto make systems compatible with that.\n\nTest Plan: Covered by E2E tests, also manually smoke-tested.\n\nX-Origin-Diff: phab/D696\nGitOrigin-RevId: 037f2b8253e7cff8435cc79771fad05f53670ff0\n" }, { "commit": "74e8e5c35fea1ec9ce13c8a2d16100bab45d42d9", "tree": "3ec734c4b86fed54a5039623c789dd4b805b3b6e", "parents": [ "19eb0006edc79edc53fb53ea0eed67e93f4c8eba" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 14:00:50 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 14:00:50 2021 +0100" }, "message": "Make containerd work with read-only root\n\nThis makes containerd work with a read-only root. There were a few config mistakes on our side which\ncaused it to write to the rootfs (mostly leftovers from the switch to /ephemeral) and a semi-hardcoded path\nin /var/lib/cni from containernetworking/cni. This is technically configurable, but it would require patching\nthree different repos (see diff message) and getting all of them to agree to take the change and wait for\nit to propagate to all repos (containerd is known to be slow to release stuff). So let\u0027s just hack in\nthis one-line diff for the time being.\n\nTest Plan: Should be covered by existing tests\n\nX-Origin-Diff: phab/D694\nGitOrigin-RevId: 0e8f5dbfb216539c16e64130af9fe1023722ae1b\n" }, { "commit": "842536b10bd1b11e62317940feef215442a8ecb4", "tree": "264906157b5cd51ef39e952326b85da48b5bbb5b", "parents": [ "f12bedfa4cd144c3abc4deac58405067d55f9c87" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 13:54:57 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 13:54:57 2021 +0100" }, "message": "Make Kubernetes work with read-only root\n\nThis makes Kubernetes work with a read-only root. There\u0027s two places where they hardcode\npaths: One is the DeviceManager socket path (/var/lib/kubelet/device-plugins/kubelet.sock), that one\nis easy to fix because KubeletRootDir is available one scope above. The other one is the pod logs dir\nwhich is too far removed from the main Kubelet config, so I just changed their hardcoded path to ours.\nThe first patch should be upstreamable, for the second one we\u0027d need to take a different approach to upstream.\n\nTest Plan: Should be covered by existing E2E tests.\n\nX-Origin-Diff: phab/D693\nGitOrigin-RevId: 4606ab228a24bd4a0274f8e3156123710a59f2aa\n" }, { "commit": "f12bedfa4cd144c3abc4deac58405067d55f9c87", "tree": "ddbc408e424a0ea8e446bcf0022ee16278202d63", "parents": [ "c3ad846e0eaf4cf008130a643ff247aa27531e17" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jan 15 16:58:50 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jan 15 16:58:50 2021 +0100" }, "message": "*: bump up Go dependencies\n\nThis started off as \u0027let\u0027s bump gVisor\u0027. However, pulling that thread\nresulted in quite a few things that also required bumping for the build\nto actually work. Here I come back from a day in the Bazel mines,\nbearing fruits of my labor.\n\nNotable changes:\n\n - bump up gVisor\n - bump up containerd\n - bump up Bazel\n - bump up rules_go, rules_docker, Gazelle\n - use google.golang.org/protobuf (the \u0027new\u0027 go proto package)\n - bump up gRPC (but not too much, as go-etcd is still straggling)\n\nNotable effects:\n\n - new gVisor supports TTY allocation (kubectl run -it\n --image\u003dubuntu:20.04 ubuntu bash now works!)\n\nNotable notes:\n\n - gVisor shim has new been rolled into the main gVisor package and is\n slightly easier to build (we can get rid of a bunch of patches).\n - Opencontainers\u0027 runtime-specs now follow containerd instead of gVisor\n - gVisor had to be taught to use the slightly newer runtime-specs via a\n new patch.\n - go_rule() in Starlark is now deprecated, and we had to change our\n Starlark rule definitions to use rule() instead. We also had to patch\n gVisor to do that (as there hasn\u0027t yet been a release that rolled\n this up).\n - Gazelle now supports different naming schemes for generated Go\n targets - either the old //foo/bar:go_default_library scheme, or a\n new and nicer //foo/bar:bar scheme. We currently force the usage of\n the old scheme, as switching over is probably not going to be easy\n (we use a lot of external Bazel files, and we have to wait for their\n compatibility with the new scheme first).\n - New Bazel/rules_go sets a TMPDIR long enough to generate paths (via\n ioutil.TempDir) to which sockets cannot be bound (108-byte limit).\n - The new protobuf API is incompatible with gogoproto. containerd/ttrpc\n uses gogoproto, but we are smart enough to pull in the old protobuf\n library as gogoproto\u0027s transitive dep. However, ttrpc also wants to\n use some proto-generated grpc bits, and that doesn\u0027t work. We have to\n pull in a ttrpc fork from a PR that hasn\u0027t yet been merged that fixes\n this issue.\n\nTest Plan: Refactor only, should be covered by tests.\n\nX-Origin-Diff: phab/D689\nGitOrigin-RevId: 1188c0605d25e7f40307fab5fd96e7019f3a9171\n" }, { "commit": "c3ad846e0eaf4cf008130a643ff247aa27531e17", "tree": "d9a8287f49f596c8ffd9c7d0dce6939c16a06707", "parents": [ "febf0b0defa3a4ccfb58f4c77ddb095a2668162a" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jan 08 16:45:51 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jan 08 16:45:51 2021 +0100" }, "message": "ci: build both debug and non-debug builds, add secondary cache\n\nThis runs `test //... -c dbg` in addition to `test //...`. Because switching to-and-from the debug configuration causes the local cache to get thrashed, we add a secondary cache via --disk_cache. This should, at some point, be replaced with a proper remote cache instead.\n\nWe also drive-by fix a debug build issue.\n\nFixes T883.\n\nTest Plan: This should test more things in CI now.\n\nBug: T883\n\nX-Origin-Diff: phab/D688\nGitOrigin-RevId: 9c35c4737d6b205a6bc74d50665c37535ac1d5ba\n" }, { "commit": "31370b07f0df2dc2765d812d4ce00a6b35185b16", "tree": "15563902eee9591083284441c8505b084b275d0a", "parents": [ "313816f41244d7520eb2b6f8c231328ee5b7a4ef" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 16:31:14 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 16:31:14 2021 +0100" }, "message": "*: git.monogon.dev -\u003e source.monogon.dev\n\nThis implements T882, setting our (virtual) GOPATH to source.monogon.dev\nfor this repository.\n\nTest Plan: Refactor, CI only.\n\nX-Origin-Diff: phab/D686\nGitOrigin-RevId: c5e2309089948ffc3a98e68e2e0e1cbb157d3a36\n" }, { "commit": "313816f41244d7520eb2b6f8c231328ee5b7a4ef", "tree": "7a8aa08b48b22a7843afd76c14b8fd2ebe3c2cfb", "parents": [ "d9ed6560d5db2783252945e1dd3c2e4f908c019e" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Dec 22 16:52:26 2020 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Dec 22 16:52:26 2020 +0100" }, "message": "Disable integrity and encryption for debug builds\n\nThis disables disk encryption and integrity when running in the debug profile.\nIt also makes mkfs.xfs not issue discards as the backend is either a sparse file\n(during development) or dm-crypt/dm-integrity which ignores them. In both cases\nthey are counterproductive and slow things down.\n\nTest Plan: Not exercised by normal tests, manually tested.\n\nX-Origin-Diff: phab/D681\nGitOrigin-RevId: 24fae1e3de8d852b414ebd50f3fbe032440683fb\n" }, { "commit": "0be9be88224dd87eedb10436b11615fa59862271", "tree": "2cffcd0ca273ada48c0b42a36bd25bb1cc2da35c", "parents": [ "549b72b2d65051403301f53111509f77e88b379b" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 15:23:44 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 15:23:44 2021 +0100" }, "message": "metropolis: Lock down visibility rules\n\nThis formalizes the package structure introduced by D683.\n\nTest Plan: Pure refactor, CI only.\n\nX-Origin-Diff: phab/D684\nGitOrigin-RevId: 574aa14c71faf94f4a5c02a2110e2e3fef7d36ac\n" }, { "commit": "549b72b2d65051403301f53111509f77e88b379b", "tree": "b4e523d5d17e8130545e58b58870b4a18118a780", "parents": [ "696f39abb19ffcca03e9fc5a98681338216b1e7f" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 14:54:19 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 14:54:19 2021 +0100" }, "message": "metropolis: unify utility packages\n\nOne last sweeping rename / reshuffle.\n\nWe get rid of //metropolis/node/common and //golibs, unifying them into\na single //metropolis/pkg meta-package.\n\nThis is to be documented somwhere properly, but here\u0027s the new logic\nbehind selecting where to place a new library package:\n\n - if it\u0027s specific to k8s-on-metropolis, put it in\n //metropolis/node/kubernetes/*. This is a self-contained tree that\n other paths cannot import from.\n - if it\u0027s a big new subsystem of the metropolis core, put it in\n //metropolis/node/core. This can be imported by anything in\n //m/n (eg the Kubernetes code at //m/n/kubernetes\n - otherwise, treat it as generic library that\u0027s part of the metropolis\n project, and put it in //metropolis/pkg. This can be imported by\n anything within //metropolis.\n\nThis will be followed up by a diff that updates visibility rules.\n\nTest Plan: Pure refactor, CI only.\n\nX-Origin-Diff: phab/D683\nGitOrigin-RevId: 883e7f09a7d22d64e966d07bbe839454ed081c79\n" }, { "commit": "662b5b3119b0798980b887d1ef9fa1b5632aa7fb", "tree": "3e1fc4ab033530e6d579112ba500d2c6edb43368", "parents": [ "39f2f691726dc6e0a291aa8609085b835a313dad" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Dec 21 13:49:00 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Dec 21 13:49:00 2020 +0100" }, "message": "smalltown -\u003e metropolis\n\nThis pass removes all mentions of Smalltown, both from code and comments,\nand replaces them with appropriate new terminology.\n\nTest Plan: Refactor, covered by CI.\n\nX-Origin-Diff: phab/D674\nGitOrigin-RevId: 04a94d44ef07d46f7821530da5614daefe16d7ea\n" }, { "commit": "77cb6c5ec3acadf02ad5005dd751cfbf0ec1602f", "tree": "7ddfcdf78c489a5d6fad7a20bd3580d803407450", "parents": [ "26d41999e0c71813648c16ad84bba810c3b9d593" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Sat Dec 19 00:09:22 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Sat Dec 19 00:09:22 2020 +0100" }, "message": "core -\u003e metropolis\n\nSmalltown is now called Metropolis!\n\nThis is the first commit in a series of cleanup commits that prepare us\nfor an open source release. This one just some Bazel packages around to\nfollow a stricter directory layout.\n\nAll of Metropolis now lives in `//metropolis`.\n\nAll of Metropolis Node code now lives in `//metropolis/node`.\n\nAll of the main /init now lives in `//m/n/core`.\n\nAll of the Kubernetes functionality/glue now lives in `//m/n/kubernetes`.\n\nNext steps:\n - hunt down all references to Smalltown and replace them appropriately\n - narrow down visibility rules\n - document new code organization\n - move `//build/toolchain` to `//monogon/build/toolchain`\n - do another cleanup pass between `//golibs` and\n `//monogon/node/{core,common}`.\n - remove `//delta` and `//anubis`\n\nFixes T799.\n\nTest Plan: Just a very large refactor. CI should help us out here.\n\nBug: T799\n\nX-Origin-Diff: phab/D667\nGitOrigin-RevId: 6029b8d4edc42325d50042596b639e8b122d0ded\n" } ] }